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copyright protection. The copyright owner has no objection to the facsimile reproduction by 
10 anyone of the patent document or the patent disclosure, as it appears in the U.S. Patent and 
Trademark Office patent files or records, but otherwise reserves all copyrights whatsoever. 

Q CROSS REFERENCES TO RELATED APPLICATIONS 

This application claims priority to United States Provisional Patent Application Serial 
W No. 60/214,370, entitled "System and Method for Integrating Public and Private Data," filed 
15- June 28, 2000. 

BACKGROUND OF THE INVENTION 
ft; 1 . Field of the Invention 

S The present invention generally relates to the display of data available over a network. 

- u More particularly, the invention provides for the integrated display of at least one item of public 
20 data and at least one item of private data. 

2. Background of the Prior Art 

The Internet, which comprises a vast array of computer networks distributed throughout 
the world, provides online service subscribers with an almost limitless supply of information. 
25 Some of this information is public, and some is private. As used herein, public information 
refers to data, applications, and other such information which is equally accessible by all or 
substantially all users of a public network. Private information refers to information which is 
accessible by less than substantially all users, namely by one or more authorized parties, and 
usually requires a user to verify his or her identity in some way (e.g., by supplying a user name 
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and password). Public information includes, for example, the weather in Tokyo as offered by a 
weather information website, the price of airfares from New York to London as provided by a 
travel related site, and other such information. Private information includes, for example, bank 
account records, 401k account information, and credit card balance information. Such 
5 information is typically accessible via an appropriate financial institution, bank and/or credit card 
website. 

Information on the Internet can also be classified as either internal or external. Internal 
information includes that information which is provided by a company, through a website (or 
other network protocol), that is proprietary to that company. External information is information 

10 that is accessible from websites other than the website of the particular company. For example, 
if a user visits the site of her bank and accesses various account information, she is accessing 
internal information. If she then wishes to check the Dow Jones Industrial Average Stock Index 
on a page that is not a part of the bank's website, she will be accessing external information. 
Any one company may include multiple internal content providers. For example, one provider 

15 within the company may provide retirement account information, another may provide mutual 
*° fund account information, and a third may provide credit card balances and a method for paying 
balances on the Internet. 

Known systems for acquiring and displaying information are unsatisfactory in a number 
of respects. For example, prior art systems do not sufficiently allow an individual to access and 

20~ view both public and private data simultaneously. That is, viewing combinations of public and 
private data usually includes jumping between two or more websites, viewing only one at a time, 
or using two separate digital viewing devices, such as two computer screens. While some 
systems integrate public and private data on one screen, these systems are limited. For example, 
U.S. Patent No. 5,3 19,542 describes a system for ordering items from an electronic catalogue. 

25 The system of the '542 Patent does allow a user to simultaneously view items in a catalogue 
(public data) and an order form including purchase information (private data). Moreover, the 
system remains static until updated by the user and is not interactively linked to the utilities or 
interactive services of the catalogue business or other entities, such as business partners of the 
catalogue business. In other words, the system usually includes the user inputting all of the 

30 private information that she then views in her order form. Thus, private information from the 
company's data stores is not made automatically available to the user. 
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Furthermore, with the proliferation of Internet use, systems have been described which 
track and process user preferences so that Internet service providers (ISPs) can customize user 
experiences or target marketing efforts to users with specified preferences. An example of target 
marketing is disclosed in U.S. Patent No. 6,157,946, the target marketing contents of which are 
5 hereby incorporated by reference. Additionally, U.S. Patent Nos. 5,848,396 and 5,991,735 
owned by Freedom of Information, Inc. and Be Free, Inc., respectively, generally disclose a 
computer network for providing targeting of appropriate audiences based on psychographic or 
behavioral profiles of the end users, and are herein incorporated by reference. To track user 
preferences, some prior art systems create user profiles based on direct input by the user or on an 
10 automatic analysis of the websites accessed by the user Known systems, however, do not 
typically automatically track both private and public data, accessed by a user, to create a user 
profile. Some existing systems create user profiles based on a user's consumption of public 
3 electronic data, while other existing systems create profiles based on private data manually input 
S by the user. A system is needed that combines the two types of data to create profiles while 
15n automatically adding pre-existing data from proprietary databases. Additionally, prior art 
@ systems do not allow a company or other entity to combine proprietary data, from one or more 

internal content providers, and user preferences of public data as variable input to business rules 
5 to create unique, individually tailored services containing both public and private elements. 

Thus, a need exists for systems that allow a user to simultaneously access and view 
20V public and private data on the same network interface device or system, such as a web page, 
H wireless screen, other digital viewing device or printer. There is also a need for a system that 
automatically tracks user preferences, based on the public and private data accessed by the user 
and on data from one or more internal content provider data stores. Finally, a need exists for a 
system that allows a company to use automatically derived user preference data to personalize 
25 the user's experience on the company's website. 

BRIEF SUMMARY OF THE INVENTION 
The system facilitates the simultaneous access and viewing of public and private data by 
integrating the two forms of data. Public and private data may be accessed from at least one 
30 internal content provider, at least one external content providers or a combination of both. In 
other embodiments, the system allows internal content providers to create user profiles 
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responsive to proprietary user information from their own databases and automatically-generated 
information regarding user preferences of information accessed from the a network. Internal 
content providers can then use these profiles to personalize, for example, the experiences of the 
customers who use their website, and/or to specifically target marketing materials to its 
5 customers. 

BRIEF DESCRIPTION OF THE FIGURES 
Additional aspects of the present invention will become evident upon reviewing the non- 
limiting embodiments described in the specification and the claims taken in conjunction with the 
10 accompanying figures, wherein like numerals designate like elements, and: 

FIG. 1 is a conceptual block diagram providing an exemplary overview of the system 
according to one embodiment of the present invention; 

FIG. 2 is a conceptual block diagram depicting an exemplary integration of information 
from multiple internal and external content providers on one digital display; 
15 FIG. 3 is a flow diagram showing an exemplary integration of information from various 

sources to form a web page on one digital display; 

FIG. 4 is a flow diagram depicting in further detail an exemplary flow of information 
through the web server of the system according to the present invention; 

FIG. 5 is a flow diagram showing an exemplary flow of information from the client tier 
20 to the back-end tier and from the back-end tier to the client tier; and 

FIG. 6 is an exemplary screen shot of a personal web site created according to one 
embodiment of the present invention. 

DETAILED DESCRIPTION OF EXEMPLARY EMBODIMENTS 
25 A system in accordance with various aspects of the present invention facilitates 

simultaneously accessing and viewing public and private data from at least one content provider. 
In this regard, the description that follows sets forth various exemplary embodiments of the 
invention only, and is not intended to limit the scope, applicability, or configuration of the 
invention in any way. Rather, the following description is intended to provide convenient 
30 illustrations for implementing different embodiments of the invention. As will become apparent, 
various changes may be made in the function and arrangement of the elements described in these 
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embodiments without departing from the spirit and scope of the invention. For example, changes 
may be made in the design and arrangement of the elements described in the preferred 
embodiments without departing from the scope of the invention as set forth in the appended 
claims. 

5 The system may include a host server or other computing systems including a processor 

for processing digital data, a memory coupled to said processor for storing digital data, an 
application program stored in said memory and accessible by said processor for directing 
processing of digital data by said processor, a display coupled to the processor and memory for 
displaying information derived from digital data processed by said processor and a plurality of 
10 databases, said databases including client data, merchant data, financial institution data and/or 
like data that could be used in association with the present invention. As those skilled in the art 
□ will appreciate, user computer will typically include an operating system (e.g., Windows NT, 
X; 95/98/2000, Linux, Solaris, etc.) as well as various conventional support software and drivers 
: & typically associated with computers. Alternatively, user system may be a personal digital 
l|j assistant ("PDA"), internet enabled wireless phone or the like. User system can be in a home or 
rf business environment with access to a network In an exemplary embodiment, access is through 
* the Internet, through a commercially-available web-browser software package, 
jt The host computer may provide a suitable website or other Internet-based graphical user 

jjf interface which is accessible by user systems. In one embodiment, the Internet Information 
2£§ Server, Microsoft Transaction Server, and Microsoft SQL Server, are used in conjunction with 
r the Microsoft operating system, Microsoft NT web server software, a Microsoft SQL database 
system, and a Microsoft Commerce Server. Additionally, components such as Oracle, MySQL, 
Intervase™, etc., may be used to provide database management system. The term "webpage" as 
it is used herein is not meant to limit the type of documents and applications that might be used 
25 to interact with the user. For example, a typical website might include, in addition to standard 
HTML documents, various forms, Java applets, Javascript, active server pages (ASP), common 
gateway interface scripts (CGI), extensible markup language (XML), dynamic HTML, cascading 
style sheets (CSS), helper applications, plug-ins, and the like. 

The present invention may be described herein in terms of functional block components, 
30 screen shots, optional selections and various processing steps. It should be appreciated that such 
functional blocks may be realized by any number of hardware and/or software components 
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configured to perform the specified functions For example, the present invention may employ 
various integrated circuit components, e.g., memory elements, processing elements, logic 
elements, look-up tables, and the like, which may carry out a variety of functions under the 
control of one or more microprocessors or other control devices. Similarly, the software 
5 elements of the present invention may be implemented with any programming or scripting 

language such as C, C++, Java, COBOL, PERL, with the various algorithms being implemented 
with any combination of data structures, objects, processes, routines or other programming 
elements. Further, it should be noted that the present invention may employ any number of 
conventional techniques for data transmission, signaling, data processing, network control, and 
10 the like. 

It will be appreciated that many applications of the present invention could be 
A formulated. One skilled in the art will appreciate that the network may include any system for 
exchanging data or transacting business, such as the Internet, an intranet, an extranet, WAN, 
W LAN, VPN (virtual private network), satellite communications, and/or the like. It is noted that 
lSjgi the network may be implemented as other types of networks, such as an interactive television 
f " (ITV) network. The users may interact with the system via any input device such as a keyboard, 
O mouse, kiosk, personal digital assistant, handheld computer, cellular phone and/or the like, 
fy Similarly, the invention could be used in conjunction with any type of personal computer, 
network computer, workstation, minicomputer, mainframe, or the like running any operating 
2©--- system such as any version of Windows, Windows NT, Windows 2000, Windows 98, Windows 
95, MacOS, OS/2, BeOS, Linux, UNIX, Solaris or the like. Moreover, although the invention is 
frequently described herein as being implemented with TCP/TP communications protocols, it will 
be readily understood that the invention could also be implemented using IPX, Appletalk, IP-6, 
NetBIOS, OSI or any number of existing or future protocols. Moreover, the system contemplates 
25 the use, sale or distribution of any goods, services or information over any network having 
similar functionality described herein. 

The computing units may be connected with each other via a data communication 
network. The network may be a public network and assumed to be insecure and open to 
eavesdroppers. In the illustrated implementation, the network may be embodied as the internet. 
30 In this context, the computers may or may not be connected to the internet at all times. For 
instance, the customer computer may employ a modem to occasionally connect to the internet, 
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whereas the bank computing center might maintain a permanent connection to the internet. 
Specific information related to the protocols, standards, and application software utilized in 
connection with the Internet may not be discussed herein. For further information regarding 
such details, see, for example, Dilip Naik, Internet Standards and Protocols (1998); Java 
5 2 Complete, various authors, (Sybex 1 999); Deborah Ray and Eric Ray, Mastering HTML 
4.0 (1997). Loshin, TCP/IP Clearly Explained (1997). All of these texts are hereby 
incorporated by reference. 

The systems may be suitably coupled to network via data links. A variety of 
conventional communications media and protocols may be used for data links. Such as, for 
10 example, a connection to an Internet Service Provider (ISP) over the local loop as is typically 
used in connection with standard modem communication, cable modem, Dish networks, ISDN, 
O VPN, Digital Subscriber Line (DSL), or various wireless communication methods. Merchant 
II system might also reside within a local area network (LAN) which interfaces to network via a 
= * leased line (Tl, D3, etc.). Such communication methods are well known in the art, and are 
15W covered in a variety of standard texts. See, e.g., GILBERT HELD, UNDERSTANDING Data 
fi COMMUNICATIONS (1996), hereby incorporated by reference. 

!L Figure 1 is a conceptual block diagram providing an overview of an exemplary system in 

CP accordance with one embodiment of the present invention. As shown, the system can be 

f J partitioned as a four-tier structure, including a back-end systems tier 1 02, an application server 

2<H tier 104, a web server tier 106, and a client tier 108. The backend systems tier 102 suitably 

comprises, for example, one or more external content providers 116, one or more internal content 
providers 120, and a processor 118 coupled to the content providers 116. Each external content 
provider 1 16 and each internal content provider 120 suitably includes, for example, one or more 
data storage devices configured to store public and/or private information as applicable. 

25 The data storage devices for the backend systems may be any type of data storage device, 

such as relational, hierarchical, object-oriented, and/or the like. Common data storage products 
that may be used to implement the databases include DB2 by IBM (White Plains, NY), any of 
the database products available from Oracle Corporation (Redwood Shores, CA), Microsoft 
Access by Microsoft Corporation (Redmond, Washington), or any other database product. 

30 Database may be organized in any suitable manner, including as data tables or lookup tables. 
Association of certain data may be accomplished through any data association technique known 
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and practiced in the art. For example, the association may be accomplished either manually or 
automatically. Automatic association techniques may include, for example, a database search, a 
database merge, GREP, AGREP, SQL, and/or the like. The association step may be 
accomplished by a database merge function, for example, using a "key field" in each of the 
5 manufacturer and retailer data tables. A "key field" partitions the database according to the high- 
level class of objects defined by the key field. For example, a certain class may be designated as 
a key field in both the first data table and the second data table, and the two data tables may then 
be merged on the basis of the class data in the key field. In this embodiment, the data 
corresponding to the key field in each of the merged data tables is preferably the same. 
10 However, data tables having similar, though not identical, data in the key fields may also be 
merged by using AGREP, for example. 
m Application server 1 10 is any hardware and/or software suitably configured to process 

i'S messages from and to web server tier 106 and back-end systems tier 102. More particularly, in an 
j=y exemplary embodiment, application server tier 104 suitably includes an application server 110 
15J5 coupled to a personal preferences data store 122 and a personal profile data store 124 (e.g., a 
r lightweight directory access protocol database, or "LDAP"). In the illustrated embodiment, each 
3 external content provider 1 16 from the backend systems tier 102 is suitably connected to the 
f.y application server via processor 118, and each internal content provider 120 is suitably connected 
~5 to application server 110. Personal preferences data store 122 and personal profile data store 124 
2©^- are also suitably coupled to application server 110. 

Referring now to Figs. 1 and 2, an exemplary display 202, produced by the system of Fig. 
1 (e.g., a web page displayed on a computer monitor), includes integrated data 204 from various 
internal content providers 120 and external content providers 116 (Fig. 1). In one embodiment 
of the present invention, integrated data 204 may comprise data from one or more internal 
25 content providers 120 and data from one or more external content providers 1 16. Alternatively, 
integrated data 204 may derive only from one or more internal content providers 120, with no 
integrated data 204 from any external content provider 116. Integrated data 204 comprises at 
least one item of public data and at least one item of private data. In one embodiment, integrated 
data 204 is interactively or automatically updated in accordance with any changes, modifications, 
30 or updates that might occur at the respective internal or external content providers 120 or 1 16. 
Interactive updating refers to pulling data from data stores by a user system 126, such as when 
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user system 126 requests a credit card balance. Automatic updating refers to pushing data out of 
a data store to user system 126 without the user system 126 requesting it, for example if user 
system 126 is automatically provided with the Dow Jones Industrial Average. 

In one embodiment of the present invention, one or more internal content providers 120 
5 include a proprietary data store of an organization (e.g., a company, educational institution, 
financial institution, or the like). Typically, internal content providers 120 are selected from a 
suite of services offered by one of internal content providers 120. For example, a user may 
choose to display brokerage services, card balances, and 40 IK account information from a list of 
available information made accessible by a financial institution corresponding to internal content 
10 provider 120. In one embodiment of the present invention, each site aggregates network users 
126 to create what is referred to as a web portal Portals may be configured to provide access to 
P content and functionality centered around common interests or may differ in their focus and 
CO objectives. Thus, the system according to the present invention suitably integrates public and 
|7s private data into integrated data 204, which is displayed on user system 126, for example a single 
IW customizable page on one digital display 202, and which reflects a network user's preferences. 
|=* Having thus given an overview of the present invention, a detailed description of its 

^ various components will now be provided. 

£§ Application Server 

W As mentioned briefly above, application server 1 10 is any hardware and/or software 

suitably configured to process messages from and to web server tier 106 and back-end systems 
tier 102. In accordance with one embodiment of the present invention, application server 110 
uses Java or any type of general purpose programming language that supports the creation of 
dynamic web page content. In accordance with one embodiment of the present invention, general 

25 application server 1 10 utilizes Java Server Pages ("JSPs") and JavaBeans to populate web forms 
with local databases, client/server databases, and legacy databases to access multiple server 
resources. JSPs enable developers to effectively separate HTML coding from the business logic 
in web pages. Furthermore, various companies, e.g. IBM, have developed extensions to the JSP 
specification that include JSP tags, which are HTML-like and can be used to access databases, 

30 and reusable Java components, such as servlets and JavaBeans. For further information 
regarding such details, see, for example, Nicholas Kassem and the Enterprise Team, 
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Designing Enterprise Applications with the Java 2 Platform, Enterprise Edition 
(2000), which is hereby incorporated by reference. The web forms, including, inter alia, Java 
applets, are exposed to the user's browser and are then transferred through the various JSPs to a 
collection of Java Servlets. Java Servlets are then transferred to an MQ Series connector, a 
5 TCP/IP connector, or a JDBC (Java Database Connector). Data then travels from the MQ Series 
connector to a transaction server and then to a legacy application and, subsequently, legacy 
databases. Other data travels from the TCP/IP connector to TCP/IP sockets and then to 
client/server applications and, subsequently, client/server databases. Still other data travels from 
the JDBC to local databases. In accordance with one aspect of the present invention, Java 
10 components are suitably created to provide HTML authors with component names and attributes, 
wherein the appropriate database administrators provide HTML authors with the name of the 
1? database to be accessed along with table information. 

CO An additional feature of application server tier 104, according to one embodiment of the 

|7f present invention, is the internal "smart-caching" of data. Smart-caching allows rules to be 
I5;i~ associated with data elements, defining when the distributed system must expend the additional 
r* overhead to make a new call to the system of record, rather than using a previously cached set of 
fj information. For example, in the context of a credit card provider with a rewards system, if it is 
known that updates of loyalty rewards points are only done monthly, when an additional request 
CO for rewards data is made within the month, the cached data is returned, thus improving 
2(1 performance and system load. 

Referring to Figure 1, in accordance with one embodiment of the present invention, 
personal profile data store 124 is connected to application server 1 10 and is configured to 
personalize the experience of network user systems 126. Specifically, user system 126 
communicates with personal profile data store 124 by making a request over network 1 14. Such 
25 requests are referred to as "binding requests." Binding requests may include, for example, the 
user's data store current version, the method of authentication, and any credentials for 
authentication. Personal profile data store 124 then receives the binding request and accesses 
backend functions for a return reply. In one embodiment, the system stores user system's 126 
profile in a personal profile data store 124 and uses the information to dynamically create a 
30 customized page. 

In one embodiment of the invention, after the application is loaded, a servlet continues to 
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wait for additional user system 126 requests. Servlet aliases may be used to provide multiple 

instances of a servlet for each request. The functionality of a servlet includes, for example; 

creating and returning an entire HTML page containing dynamic content based on the nature of 

user system's 126 request; creating a portion of an HTML page or HTML fragment that can be 
5 embedded in an existing HTML page; communicating with other servlets; handling connections 

with multiple user systems 1 26; filtering data for special processing such as image conversion; 

and providing customized processing to any of web server's 1 12 standard routines. 

Any convenient set of hardware and/or software components may be configured in order 

to provide the functionality of application server 1 10, personal preferences data store 122, and 
10 personal profile data store 124. For example, in one embodiment, a Sun Enterprise 450 server 

can be used, equipped with one to four Ultra-SPARC-II processors, 128 MB to 4GB total 
"Z memory capacity, Solaris 2.6 operating system, IBM WebSphere application server 3.5. 

;tj Web Server 

15;. Web server 1 12 is any hardware and/or software suitably configured to provide a web 

service to network user systems 126 and/or to interface with network 114 and application server 
1 10. In the illustrated embodiment, application server 1 10 is connected, via a suitable data 
; connection 130, to web server 1 12 within the web server tier 106. In accordance with a preferred 
it embodiment of the present invention, web server 112 uses servlets to provide a framework for 
20 creating applications that implement a request/response paradigm. As mentioned above, in an 
exemplary embodiment, a servlet is a server side component, written in Java, that dynamically 
extends the functionality of a server. Servlets are used to extend a web server's 1 12 capabilities 
by creating a framework for providing request and response services over the network. In one 
embodiment of the present invention, network user system 126 sends a request to web server 112 
25 and the server 112 sends the request information to a Java servlet. The servlet can be loaded 
automatically when the application is loaded or can be loaded the first time a user system 126 
requests its services. The servlet dynamically builds a response according to the user system's 
126 request by utilizing other server 1 12 resources, including databases and Java-enabled 
applications. The servlet then passes a response to the web server 1 12, which sends the response 
30 back to the user system 126. 

A variety of hardware and/or software components may be configured to implement the 
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functionality of web server 112. For example, in one embodiment, a Sun Enterprise 450 server 
can be used, equipped with one to four Ultra-SPARC-II processors, 128 MB to 4GB total 
memory capacity, Solaris 2.6 operating system, Netscape Enterprise Web Server. 



5 Network a nd User Systems 

According to one embodiment of the present invention, web server 1 12 is connected to 
network 1 14 via a web/network connection 128. Network 1 14, in turn, is connected to one or 
more network user systems 126. In one embodiment of the invention, network user systems 126 
access the network 1 14 via the Internet or other global communications system. Alternatively, 
10 users may choose to access network 1 14 via remote access. New, unregistered or opted-out 
network user systems 126 may be provided a default content page which user systems 126 may 
*;S then customize according to their preferences, which may also be recorded in personal 
W preferences data store 122. According to one embodiment, user systems 126 may customize 
Ly multiple pages for viewing, including labeling and arranging the order of presentation. 
1^2 Technical and design standards may be communicated to user systems 126 to facilitate 
• N " customization efforts. 

O Figure 6 is an exemplary screen shot of a personal web site created according to one 

- embodiment of the present invention. This screen shot includes integrated data 204 with 
£5 elements of public data and private data. Public data on the screen shot includes data under the 
20] "MY CARDS" heading, offering more information on card membership rewards and on 

applying for another card, and data under the "MY FINANCE" heading, showing market index 
graphs. Private data on the screen shot in Fig. 6 includes data under the "MY ACCOUNTS" 
heading, including current balances, recent payments and membership rewards points available. 
This screen shot is for exemplary purposes only, and it will be understood by those skilled in the 
25 art that any number of combinations of public and private data may be accessed and viewed on a 
user system 126 according to various embodiments of the present invention. 

In accordance with one embodiment of the present invention, security for users can be 
created through use of a 2-firewall infrastructure. More particularly, web/network connection 
128 may include an Internet firewall, and application/web connection 130 may include an 
30 intranet firewall. Thus, connections initiated by network user systems 126 are protected by an 
Internet firewall between network 114 and web server 112 and by an intranet firewall between 
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web server 112 and application server 1 10 Network user systems 126 suitably link to network 
1 14 through a provider web server 1 12 with authentication between web server 1 12 and 
application server 1 10. Backend systems tier 102 of enterprise information systems, provider 
business partners, and external services is suitably connected and protected by the Intranet 
5 firewall. 

Exemplary process 

Figure 3 is a combination flow-chart/architectural diagram depicting an exemplary 
system for integrating data from various sources to form a web page on a digital display as 
10 shown in Fig. 2. In one embodiment of the present invention, this integration of data is 

accomplished by application server 110, personal profile data store 124 and personal preferences 
i§ data store 122 (see Fig. 1). The combination of application server 1 10, personal profile data 

store 124 and personal preferences data store 122 is referred to as an application server system 
W 334 in Figure 3. (In Fig. 3, web server tier 106 is not depicted in order to simplify the diagram.) 
15fj In accordance with one embodiment of the present invention, a network user begins the 

f ™ process by entering registration/authentication data 3 18 in response to a request from application 
O server 110, the results of which are suitably stored in a personal profile utility. A personal 
f|i profile utility may include a personal profile data store 124 and/or a personal preferences data 
Jjf store and/or any other suitable means for storing and accessing personal profile data. After 
2© entering this data, and thus registering for the first time, simple authentication may be requested, 
including, for example, ensuring that user system 126 provides a password to the personal profile 
data store 124. After providing a password, user system 126 is allowed access to web server 1 12 
on the provider's site (Fig- 1)- In another embodiment, a certificate-based authentication may be 
used, wherein clients send certificates to personal profile data store 124 and the certificate 
25 identifies the data store client (i.e., user system 126). In one embodiment of the present 

invention, all points of access into the system are protected through suitable firewalls. Similarly, 
the system of the present invention may also provide a login-blocking capability after 
unsuccessful login attempts. In yet another embodiment, other authentication and security 
mechanisms could be added to the system. For example, one or more of three levels of security 
30 could be implemented. These levels might be based on something the user knows, such as a 

password, something the user has, such as a smart card, and/or something the user "is," such as a 
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biometric fingerprint or retina scan. It will be understood that one, all or any combination of 
these three levels of security might be employed and that any other reliable technology for 
providing security to network user systems 126 may be used. For example, a combination of 
different levels of security might involve a card with a magnetic strip and a personal 
5 identification number, such as is used with a ATM card. 

In one embodiment of the present invention, confirmation of network user system 126 
defines an identification code ("user ID"), which is then forwarded to user system 126 once 
registration is complete. Repeat network user systems 126 may be automatically recognized and 
served with the appropriate customized web page, even if they do not log in, e.g., through the use 
10 of cookies or similar technology. User systems 126 may also log in via remote access 

recognition. After login, user systems 126 may modify profile data such as user ID or password 
yg and account information. User systems 126 may retrieve their preferences or set their remote 
5' access code ("RAC") to retrieve preferences remotely. In one embodiment, after registering for 
W services offered by internal content provider 120, network user system 126 is presented with a 
1 SO welcome page for system registration 3 1 8 and acceptance of terms and conditions. User systems 
r ~ 126 complete registration by providing information for the personal profile data store 124 and 
y may select a RAC. Accessibility to any given service is restricted to user systems 126 with 
fll verified registrations. In one exemplary embodiment, registrations are verified against account 
5| records before data is shown. All points of entry into the system may be protected through at 
2# least one firewall. In one aspect of the invention, personal data is stored in a trusted domain of 
the web complex, with all confidential data encrypted before being transmitted over open 
networks. 

Internal 120 and external 116 content providers may use information from personal 
profile data store 124 for many purposes. For example, information may be used for directing 

25 marketing efforts towards specific user systems 126. To accomplish that end, user information 
may be retrieved from personal profile data store 124 and special promotional messages, offers 
and any other suitable marketing materials are presented to user systems 126, based on that 
information. Similarly, internal 120 and external 1 16 content providers may customize the 
information they provide to network user systems 126, based on user profile information. This 

30 customization is accomplished through personalization rules tied to content requests by the user 
systems 126. For example, a holder of a particular credit card may be shown special events 
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planned for holders of that card during a trip that the card holder has planned for a given city. 

Referring again to Figure 3, when a network user inputs registration or authentication 
data 318, application server 110 suitably allows user system 126 to access both transactional 
assets 302 and content assets 304. Transactional assets 302 comprise both company transactions 
5 306 and business partner transactions 308. Company transactions 306 are transactions provided 
by internal content provider 120. Examples of company transactions 306 may include 
transactions provided by a credit card company, such as checking a credit card bill, 40 IK plan 
balance or brokerage account on line. Business partner transactions 308 are similar transactions 
provided by external content providers 116, which are business partners of internal content 
10 provider 120. Examples may include buying airline tickets or stocks on line. Content assets 304 
^ comprise company content 310 and business partner content 312. Company content 3 10 is 
? provided by internal content provider 120 and may include investment advice or savings advice 
2 from a credit card company. Business partner content 3 12 is provided by external content 
¥j provider 1 16 and may include news items from Reuters news service or weather reports from 
1 541 weather, com. 

I In accordance with one embodiment of the present invention, transactional assets 302 

; pass through a transactional aggregation utility 3 14, which aggregates transactional assets 302. 
ry Application server 110 may then send aggregated transactional assets 302 to either personal 
I* profile data store 124, a security services utility 328 or a content management utility 330. Also 
2b* in accordance with one embodiment, content assets 304 may pass through a content aggregation 
utility 316. Aggregated content assets 304 are then sent to content management utility 330. 

In accordance with one embodiment of the present invention, asset aggregation is 
achieved via aggregation utilities 3 14, 3 16, based upon the type of asset to be integrated. 
External, business partner content 312, for example, may be aggregated by content aggregation 
25 utility 3 1 6, which may be a content aggregation tool such as WebMethods or any other suitable 
content aggregation tool. Transactional assets 302, on the other hand, may be aggregated by 
various methods, those methods being executed by an application server such as WebSphere or 
any other suitable server. According to one aspect of the present invention, web pages 
incorporating internal content are presented using content management utility 330. In one 
30 embodiment, transactional assets 302 and content assets 304 may be prioritized according to user 
preferences. Further detail is available for each screen by clicking through to selected items and 
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an on-line reference manual is available for customization options. 

According to another aspect of the invention, business unit owners can control the 
content and layout of subtopic areas available to network user systems 126. Internal 120 and 
external 1 1 6 content providers are provided with a standard mechanism to supply content to the 
system and a process to communicate technical and design standards. In another aspect of the 
invention, a set of guidelines, processes and controls for topic owners to maintain topic areas is 
provided. In one aspect of the present invention, transaction functionality is provided through 
links to existing applications. In another aspect, detailed content is presented through links to the 
provider web page. In one embodiment, the system provides support for transactional content. 

In another embodiment of the present invention, click-stream data 320, 322 is stored in a 
personal preferences database 122. Click-stream data may derive from content pages 320 or 
transactional pages 322 accessed by a network user 126. In addition to click-stream data 320, 
322, data from the personal profile data store 124 may also be transferred to and stored in the 
personal preferences database 122. Eventually, information such as user 
registration/authentication 318, transactional assets 302, content assets 304, and click-stream 
data 320, 322, after passing through one or more components of the application server system 
334, is transmitted to an interactive presentation service 332. This interactive presentation 
service 332 is any hardware and/or software suitably configured to create the look and feel of 
network user system's 126 web site. 

Figure 4 is a flow diagram depicting in further detail an exemplary flow of information 
through web server 1 12 (Fig. 1). (In Fig. 4, application server tier 104 is not shown, to simplify 
the diagram.) The diagram displays web server 112 architecture, which utilizes, for example, 
JSP integration with servlets in a command bean framework and XML document structure 
services create a web page on a digital display 202. In one embodiment of the present invention, 
information is transferred from backend systems tier 102 to either user profile access bean 410 or 
a messaging service 412 via HTTP 422, wherein user profile access bean 410 can be any form of 
personal profile service. From user profile access bean 410, information is sent to a presentation 
bean 416 and then, for example, to a web page on a digital display 202, wherein presentation 
bean 416 can be any form of data request handler. Information from messaging service 412 is 
transmitted to presentation bean 416, a public data access bean 418 or a private data access bean 
420 and then to a web page on a digital display 202. Public data access bean 418 can be any 
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form of public data service and private data access bean 420 can be any form of private data 
service. Information may also flow from a web page on digital display 202 to backend systems 
tier 102. Such information may pass directly to user profile access bean 410 and then to backend 
systems tier 102 via XML 424. Alternatively, information may be transferred from a web site to 
a messaging data access bean 414 and then to messaging service 412. From messaging service 
412, information is then sent to backend systems tier 102 via XML 424. In one embodiment, 
web server 1 12 further includes a network security service 442. Information passing between 
user system 126 with digital display 202 and the various components of web server 1 12 
described above, may first be required to pass through network security service 442. 

Figure 5 is a combination flow diagram and architectural diagram showing an exemplary 
method of handling information flow from client tier 108 to backend systems tier 102 and from 
backend systems tier 102 back to client tier 108. Initially, an HTTP post/get request 510 is 
initiated from client tier 108 to web server tier 106. This data is then encapsulated within the 
presentation layer application of web server tier 106. The information is then sent via an HTTP 
post 512 to application server tier 104 for data acquisition and aggregation by one of the 
application server's business specific functions. The presentation layer elements may include, 
for example, any combination of JavaBeans, JSPs, Java classes, and any other convenient code 
hosted on web servers 106 configured to communicate with the servlets via HTTP. This process 
may be repeated several times in order to aggregate information on the main page. Information 
from client tier 108 that is processed by web server tier 106 and application server tier 104 is 
then sent to backend systems tier 102 via outgoing JDBC/LDAP 514. Backend systems tier 102 
then processes the data and sends it back to application server tier 104 via incoming 
JDBC/LDAP 516. This data is then transferred to web server tier 106 as XML data 518 and to 
client tier 108 as HTML data 520. 

In one embodiment of the present invention, to minimize coupling between the 
presentation and application layers, a Command Bean framework is used. As is known, 
command beans act as interface adapters to system components belonging to different functional 
domains, and provide the functionality to invoke various services in accordance with the 
invention. By implementing a command bean, interfaces exposed by external content providers 
116 (shown in Fig. 1) can be changed independently by implementing the changes through the 
command beans. Multiple external content providers 116, providing similar functionality, can b« 
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integrated with the same command bean. In an alternative embodiment, each command bean 
may correspond to a single business logic task such as a query task, update task or any other such 
tasks as may be desired. With continued reference to Fig. 1, the command bean framework 
substantially isolates application server tier 104 from changes that could occur in the interface 
supported by external content providers 116. In one embodiment of the invention, the 
implementation of external content providers 1 16 or mediators that acquire data from backend 
systems tier 102 is modifiable (e.g. from Java servlets to Enterprise JavaBeans) without 
substantially impacting client tier 108 by effecting corresponding changes in the command 
beans. 

In order to control how documents are presented to network user system 126, XML tags 
may be used. To process and dynamically generate XML documents, according to one 
embodiment, web server tier 106 function is extended by the XML Document Structure Services 
in application server tier 104. This enables database connectors and integration applications to 
parse, generate, manipulate, and validate XML-based dynamic content. This content is sent to 
client tier 108 and interchanged with other servlets. Alternatively, web server tier 106 may be 
used to selectively apply stylesheets to XML documents when client tier 108 devices do not 
support XSL stylesheets to XML documents. 

It should be understood that the exemplary processes illustrated above may include more 
or fewer steps or may be performed in the context of a larger processing scheme. Although the 
invention has been described herein in conjunction with the appended drawings, those skilled in 
the art will appreciate that the scope of the invention is not so limited. Modifications in the 
selection, design, and arrangement of the various components and steps discussed herein may be 
made without departing from the scope of the invention as set forth in the appended claims. 
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